The "SSL/TLS: Certificate Signed Using A Weak Signature Algorithm" test
gets confused if a server is using (and presumably sends as part of the
TLS handshake) a Root CA certificate that is signed by a weak algorithm.

This check should only be valid for subordinate certificates, that is,
certificates signed by a superior CA. In a self-signed certificate (such
as a Root CA) the signature algorithm is irrelevant.

Many organisations still use a SHA1 signed Root CA certificate, and
these are flagged up during a scan, if the scanned server is configured
to send the Root CA certificate as part of the chain. Note that sending
the Root has no security benefit or risk, and is ignored by clients - it
is usually due to a misconfigured server.

The 'gb_ssl_weak_hash_algo.nasl' script checks if a certificate is a
Root CA certificate (by including CAs.inc) but this only checks if the
certificate is on a predefined list of commercial CAs. I can't add to
this list (as far as my understanding goes) as the file is signed. In
my opinion, the NASL should simply check if the Subject and the Issuer
are the same. If they are, there is no reason to check the signature
algorithm.

This also affects servers that use a single self-signed certificate for
TLS. While not considered best practice, many do use them. Again,
there is no point in flagging the signature algorithm of these
self-signed certificates as it adds no effective security. A test of
whether Subject is equal to Issuer would resolve this too.

This may have been discussed previously (Google couldn't find it) as I'm
new to OpenVAS. If it has, please accept my apologies.
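
The Subject-equals-Issuer test proposed in this post, as an added example that is not part of the original message and is not OpenVAS code: a standard-library Python sketch that reads the signature algorithm OID, issuer and subject from DER certificates and reports weak signature algorithms only for certificates that are not self-issued. The function names, the OID table and the sample chain (built with a dummy signature) are constructed for illustration.

```python
# Added example, not OpenVAS code. Standard library only; sample certs are constructed.
WEAK_SIG_OIDS = {"1.2.840.113549.1.1.4": "md5WithRSAEncryption",
                 "1.2.840.113549.1.1.5": "sha1WithRSAEncryption"}

def tlv(tag, body):  # DER encoder, only used to build the constructed samples
    n = len(body)
    k = (n.bit_length() + 7) // 8
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")) + body

def children(body):  # split DER content into (tag, content, raw_element) tuples
    out, i = [], 0
    while i < len(body):
        tag, n, j = body[i], body[i + 1], i + 2
        if n & 0x80:  # long-form length: low 7 bits give the number of length bytes
            k = n & 0x7F
            n, j = int.from_bytes(body[j:j + k], "big"), j + k
        out.append((tag, body[j:j + n], body[i:j + n]))
        i = j + n
    return out

def oid_str(content):
    arcs, val = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def cert_facts(der):  # -> (signature algorithm OID, issuer == subject)
    tbs = children(children(children(der)[0][1])[0][1])
    tbs = tbs[1:] if tbs[0][0] == 0xA0 else tbs  # drop the optional [0] version field
    # Remaining order: serial, signature AlgorithmIdentifier, issuer, validity, subject
    return oid_str(children(tbs[1][1])[0][1]), tbs[2][2] == tbs[4][2]  # byte-wise Name compare

def weak_signature_findings(chain):
    """Flag weak signature algorithms, skipping self-issued (Subject == Issuer) certs."""
    checked = [(idx, *cert_facts(der)) for idx, der in enumerate(chain)]
    return [(idx, WEAK_SIG_OIDS[oid]) for idx, oid, self_issued in checked
            if oid in WEAK_SIG_OIDS and not self_issued]

def sample_cert(subject_cn, issuer_cn, sig_oid):  # constructed test input, dummy signature
    name = lambda cn: tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, b"\x55\x04\x03") + tlv(0x0C, cn.encode()))))
    alg = tlv(0x30, tlv(0x06, sig_oid) + tlv(0x05, b""))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + alg + name(issuer_cn)
              + tlv(0x30, tlv(0x17, b"250101000000Z") * 2) + name(subject_cn) + tlv(0x30, b""))
    return tlv(0x30, tbs + alg + tlv(0x03, bytes(257)))
SHA1_RSA, SHA256_RSA = bytes.fromhex("2a864886f70d010105"), bytes.fromhex("2a864886f70d01010b")
CHAIN = [sample_cert("www.example.test", "Example Issuing CA", SHA256_RSA),
         sample_cert("Example Issuing CA", "Example Root CA", SHA1_RSA),
         sample_cert("Example Root CA", "Example Root CA", SHA1_RSA)]
```

On the constructed chain, `weak_signature_findings(CHAIN)` reports only the SHA-1 signed intermediate at index 1 and skips the SHA-1 signed root. Name equality identifies a self-issued certificate; confirming that it is actually self-signed would additionally require verifying the signature with the certificate's own public key, which this sketch does not do.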